spring-security

Commit Graph

Author	SHA1	Message	Date
Eleftheria Stein	2cf9e57fa4	Restrict cas-server version Issue: gh-7788	6 years ago
Eleftheria Stein	20483c2314	Update to Spring Boot 2.2.2.RELEASE Fixes: gh-7797	6 years ago
Josh Cummings	de87675f6d	Add JwtIssuerAuthenticationManagerResolver Fixes gh-7724	6 years ago
Josh Cummings	09810b8df9	oidcLogin Test Configuration Flow Fixes gh-7794	6 years ago
Josh Cummings	84ba3ddf26	Add oauth2Login MockMvc Support Fixes gh-7789	6 years ago
Eleftheria Stein-Kousathana	2df1099da5	Idiomatic Kotlin DSL for configuring HTTP security Issue: gh-5558	6 years ago
artmiar	e306482a96	Fix description of PasswordEncoder	6 years ago
Rob Winch	f639e17491	Resolve Current Spring Version Issue gh-7788	6 years ago
Rob Winch	65981444f1	Use Version Ranges Fixes gh-7788	6 years ago
Rob Winch	1bb1e74a9d	Add Gradle Lock Plugin Issue gh-7788	6 years ago
Rob Winch	06d7443946	Use Gradle platform and constraints This was largely generated from the following script wget `bd9f8eb541/src/main/groovy/io/spring/gradle/convention/DependencySetPlugin.groovy` ./dsp.gradle cat gradle/dependency-management.gradle \| grep 'management "' \| cut -d ':' -f 2 \| xargs -I{} sh -c "rg {} -l -g '.gradle' -g '\!dependency-management.gradle' > /dev/null \|\| echo {}" \| xargs -I{} sed -iE '/.{}.*/d' gradle/dependency-management.gradle rm ./dps.gradle Fixes gh-7787	6 years ago
Eleftheria Stein	924b9e95a1	Polish MethodSecurityEvaluationContext Issue: gh-6224	6 years ago
Daniel Bustamante Ospina	150b66824d	Make MethodSecurityEvaluationContext Delegate to MethodBasedEvaluationContext Spring Security's MethodSecurityEvaluationContext should delegate to Spring Framework's MethodBasedEvaluationContext Fixes: gh-6224	6 years ago
Rafael Renan Pacheco	96d82ecbf2	Fix docs that cause unchecked assignment and NPE	6 years ago
Eleftheria Stein	8b8267e1fe	Fix typo in LDAP Javadoc	6 years ago
Matthias Stock	5fde3044f7	Resolve JavaType only once for whitelisted class	6 years ago
Filip Hanik	9d26f12e86	Add an example of Base64 encoding that failed with java.util.Base64 Revert usage to Apache Commons Codec (dependency by OpenSaml)	6 years ago
Eleftheria Stein	22c222005b	Add custom release notes configuration file	6 years ago
BELHAKEL Ammar	b4619f31ee	Fix return type AbstractConfiguredSecurityBuilder.objectPostProcessor() should cast to B, the type of SecurityBuilder, instead of O, the type of object being built. Without this change, calls like http.objectPostProcessor(...).getFilters() will fail with a ClassCastException.	6 years ago
Eleftheria Stein	f109388211	Use lambda DSL in all samples in documentation Issue: gh-7774	6 years ago
Rafael Renan Pacheco	0295b51e78	Fix var typo and code readability	6 years ago
Eleftheria Stein	2c7f2c2117	Fix Javadoc error in oauth2ResourceServer Fixes: gh-7670	6 years ago
Josh Cummings	e1fdb24b5d	Add opaqueToken MockMvc Test Support Fixes gh-7712	6 years ago
Onur Kağan Özcan	2015f392ef	Set secure when cancelling remember-me cookie AbstractRememberMeServices is setting remember-me cookie with checking request is secure or secure usage is independently set to a fixed flag. But when cancelling a cookie, cookie is not being marked secure or not. It produces an inconsistency when using secure flag as a part to identity of cookie.	6 years ago
Josh Cummings	40d4dce329	Polish Documentation Changed indentation on saml2Login() snippets to align more closely with surrounding documentation. Also removed call to super.configure as this would enable formLogin as well as httpBasic. Replaced with default endpoint authorization statement. Issue gh-7654	6 years ago
Josh Cummings	c745889ae7	Update to nimbus-jose-jwt:8.3 Fixes gh-7720	6 years ago
Tao Sun	f18d0fd1a7	Test details using isEqualTo	6 years ago
Tao Sun	6b0981549b	Add test for details deserialization	6 years ago
Tao Sun	156fc294bf	Deserialize details field in UsernamePasswordAuthenticationToken Before this commit, the details field was set to a JsonNode, but now it is deserialized correctly. Fixes gh-7482	6 years ago
Filip Hanik	af415948b1	Allow configuration of AuthenticationManagerResolver in saml2Login() Fixes gh-7654 https://github.com/spring-projects/spring-security/issues/7654	6 years ago
Filip Hanik	b7eebabce6	Ensure that both matchers carry the same pattern. AbstractAuthenticationProcessingFilter.setRequiresAuthenticationRequestMatcher is public and final, so there is a risk that the underlying matcher can become different if one is not careful.	6 years ago
Filip Hanik	9aa333ca4d	Use the custom ServerRequestCache that the user configures on for the default authentication entry point and authentication success handler Fixes gh-7721 https://github.com/spring-projects/spring-security/issues/7721 Set RequestCache on the Oauth2LoginSpec default authentication success handler import static ReflectionTestUtils.getField Feedback incorporated per https://github.com/spring-projects/spring-security/pull/7734#pullrequestreview-332150359	6 years ago
Rafael Garcia	65f5c29316	Check hashes of byte array passwords Fixes gh-7661	6 years ago
Rob Winch	83d796cf1a	Docs ServerRSocketFactoryCustomizer->ServerRSocketFactoryProcessor The documentation incorrectly used ServerRSocketFactoryCustomizer which was renamed to ServerRSocketFactoryProcessor. The docs now use the correct class name Fixes gh-7737	6 years ago
Eleftheria Stein	da3f18017d	Polish SAML2 principal classes Update @since Issue: gh-7681	6 years ago
Rob Winch	a8331ba7ed	CompositeServerHttpHeadersWriter Executes Sequentially Fixes gh-7731	6 years ago
Clement Stoquart	31b999e9b4	fix: make Saml2Authentication serializable	6 years ago
Josh Cummings	02f161aba7	Use OidcIdToken.Builder Issue gh-7592	6 years ago
David Herberth	64e063d948	switches web authentication principal resolver to use reactive context gh #6598 Signed-off-by: David Herberth <github@dav1d.de>	6 years ago
Rob Winch	8e53c3f269	DelegatingServerAuthenticationSuccessHandler Executes Sequentially Fixes gh-7728	6 years ago
Rafael Garcia	c71e84bdac	Replace test vectors with list of objects	6 years ago
Rob Winch	73babc3314	DelegatingServerLogoutHandler Executes Sequentially Fixes gh-7723	6 years ago
Phil Clay	cffad1be02	Polish #7589 Rename OAuth2AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager to AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager. Handle empty mono returned from contextAttributesMapper. Handle empty map returned from contextAttributesMapper. Fix DefaultContextAttributesMapper so that it doesn't access ServerWebExchange. Fix unit tests so that they pass. Use StepVerifier in unit tests, rather than .subscribe(). Fixes gh-7569	6 years ago
Ankur Pathak	c29309d744	Reactive Implementation of AuthorizedClientServiceOAuth2AuthorizedClientManager ReactiveOAuth2AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager is reactive version of AuthorizedClientServiceOAuth2AuthorizedClientManager Fixes: gh-7569	6 years ago
Clement Stoquart	0c47bfb1e3	Remove empty relay state from redirect url	6 years ago
Joe Grandja	24500fa3ca	Remove redundant validation for redirect-uri Fixes gh-7706	6 years ago
Rob Winch	9c991a5430	Start Servlet Authentication Cleanup Issue gh-7628	6 years ago
Joe Grandja	4d9cee116c	Display general error message when WebFlux oauth2Login() fails Issue gh-5562 gh-6484	6 years ago
Joe Grandja	c40a17b4d1	WebFlux oauth2Login() redirects on failed authentication Fixes gh-5562 gh-6484	6 years ago
Josh Cummings	d102cae243	oidcLogin MockMvc Documentation Remove documentation requiring a valid ClientRegistrationRepository Issue: gh-7618	6 years ago

... 3 4 5 6 7 ...

8522 Commits (edb6665103e6f2b36cfc3966094dea40c1f2669a) All Branches Search

8522 Commits (edb6665103e6f2b36cfc3966094dea40c1f2669a)

All Branches